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REMARKS 

This Amendment is responsive to the Non-Final Office Action mailed September 15, 
2003. The specification has been objected to. Whith this response, the specification has been 
amended to correct the bases for objection. Claims 1-24 were rejected. With this Response, 
claims 4, 7, and 19 have been amended to correct informalities and for clarity. Claims 1-24 
remain pending in the application and are presented for reconsideration and allowance. 

Objections to the Specification 

The Examiner has objected to the embedded hyperlink on page 4, line 15. With this 
Amendment, the hyperlink has been removed and replaced with plain text. 

The Examiner has also objected to the use of the trademark Windows 2000 in the 
specification. With this Amendment, all instances of Windows and Windows 2000 have 
been indicated with the ® symbol and followed by the generic name, "operating system." 

No new matter has been added to the specification with this Amendment. 

Therefore, Applicant respectfully requests that the objections to the specification be 
removed. 

Claim Rejections under 35 U.S.C. § 103 

The Examiner has rejected independent claims 1-6 and 13-18 on the basis of 35 
U.S.C. § 103(a) as being obvious over Chapman et al. (U.S. Patent No. 6,058,484) in view of 
Lipner et al. (U.S. Patent No. 5,210,795). 

The Examiner rejected claims 4 and 16 under 35 U.S.C. § 103 as being unpatentable 
over the Chapman Patent in view of the Lipner Patent in further view of the Asay U.S. Patent 
No. 5,903,882. 

The Examiner rejected claim 7, 9, 19, and 21 under 35 U.S.C. § 103 as being 
unpatentable over the Chapman Patent in view of the Liper Patent in further view of the 
Howell U.S. Patent No. 5,276,901. 

The Examiner rejected claims 1 1 and 23 under 35 U.S.C. § 103 as being unpatentable 
over the Chapman Patent in view of the Lipner Patent and in further view of the Maruyama 
U.S. Patent No. 6,393,563. 
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The Examiner rejected claims 12 and 24 under 35 U.S.C. § 103 as being unpatentable 
over the Chapman Patent in view of the Lipner Patent in further view of the Kausik U.S. 
Patent No. 6,263,446. 

The Chapman Patent is directed to systems and methods for addressing problems 
associated with date settings discrepancies between client computer terminals and server 
computer terminals. The Chapman et al. patent teaches a scheme for selecting a certificate 
from a plurality of certificates, each of the plurality of certificates having a specific validity 
period. The selected certificate is selected because it has a desired validity period based on 
certain factors. 

In the Office Action rejection of independent claims 1 and 13, the Examiner admits 
that the Chapman et al. patent does not disclose a short term public key certificate. Applicant 
respectfully submits that the Chapman et al. patent also does not teach or suggest any short 
term public key certificate, any directory for storing short term authorization information 
related to the user which is bound to the user's public key and long term identification 
information by the short term certificate, or any credentials server for issuing the short term 
certificate. All of these limitations are claimed in independent claim 1. Likewise, the 
Chapman et al. patent does not teach or suggest storing short term authorization information 
related to the user or issuing a short term certificate, as claimed in independent claim 13. 

The Examiner further relies on the Lipner et al. patent as a basis for the § 103 
obviousness rejection. The Lipner et al. patent is directed to a method and security devices 
for authenticating a user of a computer. To address the problem of Trojan Horses or other 
malicious programs running on the user's computer from compromising the user's password 
protection, the Lipner et al. patent discloses booting the user's computer with special 
authentication software that authenticates the user as well as the operating system of the 
computer that is to be booted later. If the use is unable to enter the correct password, or if the 
operating system is determined to be different than expected, the authentication software 
prevents the user from proceeding. Assuming the user is authorized to proceed with the 
login, the login software generates a temporary public-private key pair called a "session key" 
and creates a "signed delegation certificate" containing the public component of the session 
key, identification information about the user, and validity period information. Next, the 
operating system is permitted to boot and run, and when running, the operating system uses 
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the previously created session keys and delegation certificate when communicating with 
remote servers. 

The Lipner et al. patent does not teach or suggest the use of certificate authorities in 
public key infrastructures for issuing certificates authenticating the user as claimed in 
independent claims 1 and 13. Although the Lipner et al. patent discloses the use of a 
"temporary delegation certificate," the delegation certificate is created and signed by the 
login software running on the user's computer and represents the authorization of the user's 
computer to speak on behalf of the user. The Lipner et al. patent does not teach or suggest 
any certificate authority issuing a long term certificate, or any credentials server for issuing a 
short tern certificate. Thus, the delegation certificate does not relate back to any trusted well- 
known authority vouching for the user. By contrast, the short term certificate claimed in 
independent claims 1 and 13 binds the public key of the user to the long-term information 
related to the user from the long term certificate. The long term certificate has been issued by 
a certificate authority, which is known and trusted. 

Furthermore, the short term certificate claimed in independent claims 1 and 13 binds 
the short term authorization information related to the user. The Lipner et al. patent and the 
Chapman et al. patent do not teach or suggest a short term certificate for carrying short term 
authorization information related to the user. Moreover, as per independent claim 1 , the short 
term authorization information related to the user that is included in the short term certificate 
is from a directory for storing such information. Applicant respectfully submits that the 
Lipner et al patent does not teach or suggest such a directory for storing such short term 
authorization information related to the user that is later included in the short term certificate. 
Although the Lipner et al patent describes a disk containing the login software, a hard disk in 
the user's computer storing the operating system, and memory of the user's computer, no 
directory for storing short term authorization information is taught or suggested. 

In view of the above, Applicant submits that all limitations of independent claim 1 
and that all features of independent claim 13 are not taught or suggested by the Chapman et 
al. and Lipner et al. patents. In addition, the Chapman et al. and Lipner et al. patents do not 
include any suggestion or motivation for combining features thereof to form the invention 
claimed in independent claims 1 and 13. The Chapman et al. Patent concerns date settings 
discrepancies between client computer terminals and server computer terminals, and teaches 
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selecting from a plurality of long-term certificates based on their validity dates. The Lipner 
et al. patent concerns protecting a user's authentication information by ensuring that the 
user's computer terminal is free of malicious programs before permitting the user to log in 
and access remote servers. Applicants respectfully submit that a person skilled in the art 
would not find any teaching, suggestion, or motivation to combine or modify the features of 
the Chapman et al. and Lipner et al. patents to achieve a public key authorization 
infrastructure or method including the use of a long term certificate issued by a certificate 
authority, and a short term certificate issued by a credentials server to achieve an 
authorization of the user by an application program as claimed in independent claims 1 and 
13. 

Furthermore, as dependent claims 2-12 further define patentably distinct independent 
claim 1, and dependent claims 14-24 further define patentably distinct independent claim 13, 
these dependent claims are also believed to be allowable. 

Therefore, Applicants respectfully request reconsideration and withdrawal of the 35 
U.S.C. § 103(a) rejection to claims 1-24, and allowance of all pending claims 1-24. 
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CONCLUSION 

In view of the above, Applicants respectfully submit that pending claims 1-24 are in 
form for allowance and are not taught or suggested by the cited references. Therefore, 
reconsideration and withdrawal of the rejections and formal allowance of claims 1-24 is 
respectfully requested. 

The Examiner is invited to contact the Applicant's representative at the below-listed 
telephone number to facilitate prosecution of this application. 

Any inquiry regarding this Amendment and Response should be directed to either 
Patrick G. Billig at the blow-listed telephone numbers or William J. Streeter at Telephone 
No. (970) 898-3886, Facsimile No. (970) 898-7247. In addition, all correspondence should 
continue to be directed to the following address: 

Hewlett-Packard Company 

Intellectual Property Administration 
P.O. Box 272400 

Fort Collins, Colorado 80527-2400 

Respectfully submitted, 
Francisco Corella, 
By his attorneys, 

DICKE, BILLIG & CZAJA, PLLC 
Fifth Street Towers, Suite 2250 
100 South Fifth Street 
Minneapolis, MN 55402 
Telephone: (612) 573-2003 
Facsimile: (612) 573-2005 



Date: 

PGB:vb:mad Patrick G. Billig 

Reg. No. 38,080 




CERTIFICATE UNDER 37 C.F.R. 1 .8 : The undersigned hereby certifies that this paper or papers, as described herein, 
are being deposited in the United States Postal Service, as first class mail, in an envelope address to: Mail Stop Non 
Fee Amendment, Commissioner for Patents, P.O. Box 1450, Alexandria, VA 22313-1450 on this 15th day of 
December, 2003. 




B v ^^^^VVX^-X J> 
Name: Patrick G. Billig 




13 



